JP2009205542A - Personal authentication system, personal authentication method, and personal authentication program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To reduce user's psychological reluctance by reducing a load on a user and reducing a risk that personal information is peeped by a third party. <P>SOLUTION: A personal authentication system 1 is provided with a user information database 30 for storing user's personal information and a knowledge database 40 for storing knowledge information related to the personal data stored in the user information database 30. The personal identification system generates a query on the basis of the knowledge information stored in the knowledge database 40, issues the generated query, and screens candidates for authentication by using an answer to the query. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a personal authentication system, a personal authentication method, and a personal authentication program for asking a user a question and narrowing down individuals by using an answer to the question.

  In recent years, the number of cases where biometric authentication is used as means for identifying a person in entrance / exit management, book lending, etc. (see Patent Document 1). In biometric authentication, an ID is first input, and an authentication process is performed after an individual is specified, and an authentication process is performed on all registered biometric data without inputting an ID or the like. It has been known.

  In such 1: N authentication in biometric authentication, there are cases where the processing time becomes enormous if all registered data are collated. In addition, the acceptance rate of others who misrecognize biometric data that is not originally the person is generally deteriorated as the number of persons to be collated increases. For this reason, the collation process is usually performed after narrowing down individuals before the biometric authentication process.

  For example, in an entrance / exit management system, biometric authentication is often executed after an employee card is first read or an employee ID is input to identify an individual. However, in the method using such a card, the user always needs to carry the card, and in the method for inputting the ID, the user needs to store the ID number and the like.

  For this reason, as a biometric authentication method that can be authenticated without entering a card or ID number, in Patent Document 2, a favorite “symbol” is defined and registered for each user, and the user uses the ATM. A biometric authentication method is disclosed in which a “symbol” is input to the user and the user is narrowed down using the symbol as a key before performing biometric authentication.

  In addition, as a biometric authentication method that can authenticate without entering a card or ID number, the registered personal information (for example, first name, last name, phone number, date of birth, etc.) can be directly entered to narrow down individuals from the database. There is also a method of performing biometric authentication after it has been performed.

JP 2007-52720 A JP 11-328421 A

  By the way, in the technique of the above-mentioned patent document 1, in order to narrow down biometric authentication, etc., since “symbol” or “group number” is input, the user needs to memorize “symbol” or the like. There was a problem that it would be a burden.

  In addition, the above-mentioned method for directly entering personal information involves entering personal information such as first name and last name, date of birth, and telephone number in public places. There was a problem of feeling a feeling. In addition, there is a problem that direct input of personal information takes time and burdens on the user.

  Therefore, the present invention has been made to solve the above-described problems of the prior art, and while reducing the burden on the user, the risk of peeping personal information by a third party is reduced, The purpose is to reduce the psychological resistance of users.

  In order to solve the above-described problems and achieve the object, this system is a personal authentication system for asking a user a question and narrowing down an individual using an answer to the question, the personal information of the user Based on the knowledge information stored in the knowledge information storage means, the knowledge information storage means for storing knowledge information related to the personal information stored in the personal information storage means, and the knowledge information stored in the knowledge information storage means And a question generation means for generating a question, and a personal narrowing-down means for asking the question generated by the question generation means and narrowing down individuals using an answer to the question.

  The disclosed system eliminates the need to input personal information directly, reducing the burden on the user and reducing the risk of a third party peeping at the personal information. There is an effect of reducing.

  Exemplary embodiments of a personal authentication system, a personal authentication method, and a personal authentication program according to the present invention will be described below in detail with reference to the accompanying drawings.

  In the following embodiments, the configuration and processing flow of the personal authentication system according to the first embodiment will be described in order, and finally the effects of the first embodiment will be described. In the following, an example of application to a book lending system will be described as an example used for narrowing down.

[Configuration of personal authentication system]
Next, the configuration of the personal authentication system 1 will be described with reference to FIG. FIG. 1 is a block diagram illustrating the configuration of the personal authentication system 1 according to the first embodiment. As shown in FIG. 1, the personal authentication system 1 includes a lending processing terminal 10, a system management terminal 20, a user information database 30, and a knowledge database 40. The processing of each of these units will be described below.

  The user information database 30 is a database that holds information about users. Specifically, the user information database 30 holds personal information and biometric information data. Here, the personal information held in the user information database 30 is information entered by the user when applying for use, as shown in FIG. 2, such as first name, last date, date of birth, gender, address, For example, a telephone number.

  The biometric information data stored in the user information database 30 is biometric information data used as registration data when performing personal authentication. For example, the user's fingerprint pattern information is applicable. When a user lends a book, the registered biometric information data is compared with the currently input biometric information data to confirm whether or not the user is a principal.

  The knowledge database 40 stores knowledge information related to the personal information stored by the user information database 30. Specifically, the knowledge database 40 is a database that holds knowledge information for the question generation unit 14 to be described later to generate a question. For example, the knowledge database 40 has information for calculating the zodiac signs and constellations from the date of birth, as illustrated in FIG.

  In addition, about the question sentence itself produced | generated, you may make it the structure which the question production | generation part 14 hold | maintains beforehand as program data, and the structure which hold | maintains the question sentence itself in the knowledge database 40 so that it may illustrate in FIG. It is good.

  The constellation is determined by the date of birth, but the boundary date is not necessarily unique. Therefore, it can be set as the structure which has so that the relationship between the constellation and date which the knowledge database holds may overlap.

  The system management terminal 20 is a terminal that performs various settings related to the system. For example, the processing time allowable in the biometric authentication process and the allowable acceptance rate of others are set. It also updates knowledge databases and registers user information.

  The lending processing terminal 10 has a program that defines various processing procedures and an internal memory for storing necessary data, and executes various processing by using these programs. Particularly, the lending processing terminal 10 is closely related to the present invention. , A display unit 11, an input unit 12, a biometric authentication sensor unit 13, a question generation unit 14, a biometric authentication control unit 15, and a biometric authentication engine 16.

  The display unit 11 displays various information (for example, questions and narrowed down conditions) to the user, and includes a monitor (or a display or a touch panel) and a speaker. For example, as illustrated in FIG. 4, the display unit 11 displays a question (a question related to the user's constellation in the example illustrated) generated by the question generation unit 14 described later.

  Moreover, when making the user select an answer, the display unit 11 may randomly display a dummy answer that does not originally exist as an answer option. By inserting a dummy answer, the effect of reducing the possibility of memorizing information when a third party peeks is obtained. When such a dummy is selected, there is a possibility that a third party other than the principal is attempting an unauthorized process. In such a case, take measures such as displaying a warning on the system management terminal 20. Can do.

  Moreover, the display part 11 displays the narrowing-down condition on a screen sequentially so that it may illustrate in FIG. That is, the display unit 11 sequentially displays the narrowed down state on the screen in this way, and the user can execute the collation process at an arbitrary time.

  That is, some users may feel that input is troublesome even if the verification process takes time. In that case, the user can start the collation process at his or her favorite time. For this purpose, the display unit 11 displays the current narrowing state on the screen. For example, the display unit 11 displays information such as “it will take 2 seconds if the current collation is performed”, and the user himself / herself is sufficient. A button for starting the collation process is prepared at the felt stage.

  The input unit 12 is a device that receives an answer to a question from a user, and includes a keyboard, a mouse, and a trackball. In addition, a touch panel or the like can be used with a configuration shared with the display unit 11.

  Specifically, as shown in FIG. 4, an answer to the question may be input directly from the keyboard, or an interface that displays a plurality of options on the display unit 11 and allows the user to select with a mouse or the like. But it ’s okay. In addition, a configuration using a touch panel is also possible, and the user can also have an interface for selecting a corresponding answer from among the answers.

  Further, as shown in FIG. 4, it may be prepared as an option for passing a question. This is because there may be cases where the user forgets the answer to the question. In this case, since the users are not sufficiently narrowed down, the authentication process may take a long time. However, the user can use it with confidence by accepting the pass.

  Note that direct input of personal information may be permitted when requested by the user. That is, some users may not feel much resistance to inputting personal information directly, and may feel that it is easier to input personal information directly. In such a case, it may be configured to allow direct input.

  Furthermore, it may be configured such that whether or not direct input of personal information is permitted can be set for each individual. For example, there are cases where it is desirable for adults with sufficient judgment power to select freely, while for children and the like, it is desirable to avoid direct input as much as possible in consideration of safety. In that case, it is possible to adopt a configuration in which the direct input button is invalidated in the case of a child under 10 years old, judging from the registered date of birth. It is also possible to design this setting so that it can be updated from the system management terminal at any time.

  The biometric authentication sensor unit 13 is a sensor for inputting biometric information data used for biometric authentication. For example, a fingerprint sensor for fingerprint authentication is applicable. Various biometric sensors such as fingerprint, face authentication, vein authentication, iris authentication, retina authentication, and voice authentication can be used as the biometric authentication sensor unit 13.

  The question generation unit 14 generates a question based on the knowledge information stored in the knowledge database 40, asks the generated question, and narrows down individuals by using an answer to the question (for a narrowing process, In the description of the process using FIG. Specifically, the question generation unit 14 sequentially generates, for example, questions for limiting the number of registered persons to 10 or less, and displays it on the display unit 11. And the question production | generation part 14 produces | generates the list L which narrowed down the user according to the user's answer with respect to the produced | generated question.

  Here, the question generation unit 14 inevitably takes time for the collation process when the necessary narrowing-down cannot be performed even if all the questions registered in the knowledge database 40 are used, and the biometric authentication process is unavoidable at that stage. To start.

  In such a case, the question generation unit 14 issues a warning to the system management terminal 20 and prompts the system administrator to update the knowledge database 40 or biometric authentication engine 16. It is also possible to deal with the problem by newly generating a question using a part of the registered personal information. For example, the user may answer the last digit of the telephone number.

  Further, after confirming the identity by biometric authentication, a question regarding personal information may be made again. In other words, if the person is determined to be the person as a result of biometric authentication, but he / she cannot answer correctly what he / she knows naturally, such as his / her constellation, some kind of fraud may have occurred. Can be expected to be high.

  The biometric authentication control unit 15 performs biometric authentication processing when the narrowing down is completed. Specifically, the biometric authentication control unit 15 prompts the user to input biometric data used for biometric authentication when the question generation unit 14 finishes the narrowing process, and acquires the biometric data from the biometric authentication sensor unit 13. .

  Subsequently, the biometric authentication control unit 15 extracts the user numbers in order from the list L narrowed down by the question generation unit 14, and sequentially checks the registered biometric information data of the corresponding user with the biometric information data currently input. To the biometric authentication engine 16.

  Then, the biometric authentication control unit 15 receives the similarity that is the collation result from the biometric authentication engine 16 and determines the user No with the highest similarity. If the highest similarity is lower than a predetermined threshold, it is determined that there is no corresponding user, and an error is displayed.

  Here, the predetermined threshold value may be variable according to the number nL of elements in the finally narrowed list. In other words, when the number of people remaining in the list is large, the probability of accepting others is high, while when the number is small, the probability of acceptance of others is low, so a table is set in advance for the number of people nL remaining in the list. The threshold is set in the form of similarity threshold = F (nL). On the other hand, when the highest degree of similarity is higher than a predetermined threshold value, a book lending process is executed for the corresponding user No.

  In addition, the biometric authentication control unit 15 determines a target narrowing number Nt that needs to be narrowed down to this number or less when narrowing down registered users in order to use biometric authentication. Specifically, the biometric authentication control unit 15 “processing time” required for processing the biometric information data for one person and “other person acceptance rate” indicating the probability of erroneously recognizing the data of another person as the person. Accordingly, the target narrowing number Nt is determined and notified to the question generation unit 14.

  Here, the “processing time” and the “other person acceptance rate” which are conditions for determining the target narrowing number Nt will be described. “Processing time” is the processing time required for processing the biometric data for one person, and is determined by the processing capability of the biometric authentication engine and hardware. Assuming that the time for one person is t [seconds], when the collation process is performed N times, the processing time is generally (N * t) [seconds].

  On the other hand, for reasons of system operation, there is a request that the verification process be completed within T [seconds]. From this condition, it is necessary to narrow down the number of verifications to “N1 = (T / t) people” or less. If the authentication engine is very fast or the number of registered people is small, it is not necessary to narrow down. In this case, biometric data can be input and verified immediately.

  The “other person acceptance rate” is the probability of erroneously recognizing the data of others as being the person, and when the other person acceptance rate in the case of 1: 1 collation is r, the number of people to be collated is N. In other words, the acceptance rate of others is almost (N * r). This is because the probability that any one coincides by chance increases in proportion to N because the matching process is performed N times.

  On the other hand, it is common to design in advance the acceptance rate R that can be accepted by the system. In order to make the acceptance rate of others as R or less as a system, it is necessary to narrow down the number of collation to “N2 = R / r” or less.

  In this way, the biometric authentication control unit 15 determines the number Nt of system narrowers from the above two conditions “processing time” and “other person acceptance rate”. For example, the biometric authentication control unit 15 calculates N1 and N2 as processing for determining the target narrowing number Nt, and determines the smaller one as the target narrowing number Nt.

  It should be noted that the biometric authentication engine 16 may hold numerical data related to the biometric authentication engine 16 (t and r described above), and the biometric authentication control unit 15 may extract values. A value may be manually set via a system management terminal 20 from a document or the like. Further, Nt may be calculated not by the biometric authentication control unit 15 but by the system management terminal 20 and notified to the biometric authentication control unit 15. Further, the system administrator may directly input the value of Nt using the system management terminal 20.

  The biometric authentication engine 16 performs a matching process between the registered biometric information data and the input biometric information data input for authentication. Specifically, when the biometric authentication engine 16 receives a request from the biometric authentication control unit 15, the biometric authentication engine 16 collates the biometric information, calculates a similarity indicating how much the two are similar, and the biometric authentication control unit 15. Notify

[Process by personal authentication system]
Next, the narrowing-down process by the personal authentication system 1 according to the first embodiment will be described with reference to FIG. FIG. 7 is a flowchart illustrating the processing operation of the personal authentication system according to the first embodiment.

  As shown in the figure, the question generation unit 14 of the lending processing terminal 10 initializes the list L (step S101). Here, the list L is a list for storing the current narrowing-down results, and in the initial state, the registration numbers of all registered users are set. Here, the registration number is a number assigned to each user.

  And the question production | generation part 14 acquires n (namely, narrowing down target number N) which is the number of registration No from the list L (step S102). Subsequently, it is determined whether or not the number of people n set in the list L is smaller than the target narrowing number Nt (step S103).

  As a result, when the question generation unit 14 determines that n is less than Nt (Yes at Step S103), the narrowing is completed at that time, and biometric authentication processing is performed on the users registered in the list L. Do. When the number of registered people is small, this condition is satisfied without performing narrowing down, and the user can immediately execute the biometric authentication process.

  On the other hand, if the question generation unit 14 determines that n is greater than or equal to Nt (No in step S103), the question generation unit 14 accesses the knowledge database 40 and asks questions that are not used in the current filtering process from the registered questions. No is acquired (step S104). In addition, when there are a plurality of unused questions, the question generation unit 14 may use them in order or randomly.

  Then, the question generation unit 14 displays the acquired question No = i question on the display unit 11 (step S105). Thereafter, the question generation unit obtains an answer from the user to question No = i via the input unit 12 (step S106).

  Thereafter, the question generation unit 14 updates the list L from the answer from the user and the answer data in the knowledge database (step S107). Specifically, the question generation unit 14 deletes, from the list, the user number of the user who does not have the user attribute information obtained from the current question in the list L. Then, it returns to step S102 and repeats until the number of users n included in the list L becomes a predetermined number Nt or less.

[Effect of Example 1]
As described above, the personal authentication system 1 does not directly input information about a person (birth date, address, affiliation information, etc.), but generates a question about the corresponding personal information based on knowledge, and Therefore, it is possible to reduce the burden on the user, reduce the risk of personal information being peeped by a third party, and reduce the psychological resistance of the user.

  Further, in the personal authentication system 1, since it is not necessary to directly input personal information, the burden on the user is reduced, and the risk that the personal information is peeped by a third party is reduced. It is possible to reduce the sense of mechanical resistance.

  That is, since it is sufficient for the user to answer the minimum number of questions necessary for narrowing down, the labor is reduced compared to the case where all personal information is input. For example, with a user interface that uses a touch panel to select constellations, etc., the user only has to select his / her constellation by looking at the screen. It is possible to reduce labor.

  The personal authentication system 1 can improve security by requesting an answer to a question created by the system. In other words, it is easy for a third party to input personal information obtained by some method in the method of directly entering personal information, but it is not easy to immediately answer questions using knowledge information on the spot. Absent. For example, it is not possible to immediately answer other people's zodiac signs or constellations. Of course, these pieces of information can be understood by taking a long time, so that it does not guarantee 100% reliability, but has an effect as a deterrent.

  In addition, the personal authentication system 1 can be configured to make a question about personal information again after the identity is confirmed by biometric authentication. In other words, with this method, if it is determined that the person is the person as a result of biometric authentication but the person himself / herself knows naturally, such as his / her constellation, cannot be answered correctly, some fraud is performed. It is possible to predict that there is a high probability that

  Further, in the personal authentication system 1, compared to the method using the identification key, the question generation unit 14 generates a question necessary for narrowing down from registered information, and the user only has to answer it. It is possible to reduce the burden on the user.

  By the way, in the above-described first embodiment, the example applied to the book lending system has been described as an example using the narrowing-down of the biometric authentication process. However, the present invention is not limited to this, and the narrowing down of the biometric authentication process is performed. As an example in which the process of the present invention is added later to an existing entrance / exit management system in an office or the like, an example will be described. Here, the existing entrance / exit management system is, for example, an entrance / exit management system that uses an employee card and a password in combination, or a system that combines direct input of an employee ID and biometric authentication.

  Therefore, in the following second embodiment, as a case where the present invention is applied to an existing entrance / exit management system, the configuration of the personal authentication system 1a in the second embodiment will be described with reference to FIGS. FIG. 8 is a block diagram illustrating the configuration of the personal authentication system according to the second embodiment. FIG. 9 is a diagram illustrating an example of an employee database according to the second embodiment. FIG. 10 is a schematic diagram illustrating an example of a knowledge database according to the second embodiment.

  As shown in FIG. 8, the personal authentication system 1a according to the second embodiment is different from the personal authentication system 1 according to the first embodiment in that an employee database 50 that stores information about employees is provided. The employee database 50 and the biometric information database 30a are those of an existing entrance / exit management system, and it is assumed that a knowledge database 40a is added later as a database when the present invention is applied.

  Here, examples of the employee database 50 and the knowledge database 40a in the personal authentication system 1a will be described with reference to FIGS. As shown in FIG. 10, the employee database 50 has an employee number registered in the employee database. For example, the employee number is assigned based on a rule that the first two digits of the employee number indicate the hire year. There may be. In such a case, since it is possible to calculate the hire year from the registered employee number, it is possible to narrow down by asking the hire year.

  Also, as shown in FIG. 11, the knowledge database 40a uses an office as an example, and unlike the first embodiment, questions such as the office floor and door number are stored from the registered affiliation information.

  When the question generation unit 14a selects a question from a plurality of questions registered in the knowledge database 40a, the question generation unit 14a may be configured to select in order from questions with a high narrowing effect. For example, when there are only three floors, it is possible to narrow down more quickly by selecting a constellation from the date of birth than by selecting a floor.

  Therefore, when there are a plurality of questions, the question generation unit 14a may calculate the expected number of narrowdowns for each question and preferentially select the question with the highest narrowing effect. It is also possible to set a priority for each question in the knowledge database 40a and select the question according to the priority.

  Further, the question generation unit 14a may be configured to select not only a question by a character string such as “What floor is the office?” But also a photo of an office door as a question. For example, the color of the office floor, the photo of the door, the scenery seen from the office, etc. are information that is naturally known to the corresponding employee, and it is possible to select these photos.

  The knowledge database 40a can be updated at any time, and is updated at any time via the system management terminal 20 when affiliation information or the like changes. At this time, the knowledge database 40a may not be able to grasp new affiliation information or related information by the user himself. For this reason, the previous affiliation information may be temporarily input from immediately after the affiliation changes until a certain period of time. You may make it recognize.

  In addition, since the question generation unit 14a causes the user to answer questions using knowledge, for example, the floor or direction of the office (in the south side) is not generally known, but the question is naturally known to the person himself / herself. It is possible to improve security by making them answer. This security is not as thorough as a password, but is effective as a deterrent.

  In addition, the question generation unit 14a may be configured to ask another question after the identity is confirmed by biometric authentication. In other words, if the question generating unit 14a is not able to answer a question that is of course known to a person, even though the result of biometric authentication is that the person himself / herself is obtained, there is a possibility that some kind of fraud has been performed. There is. In that case, it is possible to take measures such as recording in a log so that the image of the monitoring camera can be confirmed, or displaying a warning on the system management terminal 20.

  By the way, in the present invention, it may be applied to confirmation when inputting personal information on an Internet site or the like, for example, input of personal information when a user ID is issued to a user on a membership system site. For example, knowledge information may be used.

  Therefore, in the following third embodiment, using FIG. 11 to FIG. 13, knowledge on confirmation when inputting personal information in inputting personal information when issuing a user ID to a user on a membership system site is provided. A case where information is used will be described.

  As shown in FIG. 11, the Web server 10b includes a question generating unit 14b, an http server 17, a member information database 30b, and a knowledge database 40. Hereinafter, a different part from said Example 1 is demonstrated.

  As shown in FIG. 12, the knowledge database 40 confirms the corresponding constellation or zodiac when the input information is the date of birth, as illustrated in FIG. Is remembered.

  As shown in FIG. 13, when registering personal information, the http server 17 displays a form for entering a first and last name, date of birth, and address, and allows the user to input the form. The http server 17 proceeds to a confirmation screen by pressing a “confirm” button after the user inputs data.

  At this time, the question generation unit 14 b generates a confirmation question based on the personal information input by the user and the knowledge information in the knowledge database 40. For example, as shown in FIG. 13, the zodiac signs and constellations are checked from the date of birth, the nearest station is checked from the address, and it is confirmed by asking that there is no mistake.

  In this way, a confirmation question is generated based on the personal information input by the user and the knowledge information in the knowledge database 40, and the question is asked in a form different from the input information. Easy to notice.

  Although the embodiments of the present invention have been described so far, the present invention may be implemented in various different forms other than the embodiments described above. Therefore, another embodiment included in the present invention will be described below as a third embodiment.

(1) Question Example In the present invention, questions as illustrated in FIGS. 14 to 19 may be generated as question examples to be generated based on knowledge information. Specifically, as illustrated in FIG. 14 to FIG. 19, to narrow down individuals by generating questions regarding birth date, questions regarding first and last names, questions regarding affiliation, questions regarding school, questions regarding address, and questions regarding email It may be.

(2) System Configuration The components of the illustrated devices are functionally conceptual and need not be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured. For example, the display unit 11 and the input unit 12 may be integrated. Further, all or any part of each processing function performed in each device may be realized by a CPU and a program analyzed and executed by the CPU, or may be realized as hardware by wired logic.

  In addition, among the processes described in this embodiment, all or part of the processes described as being performed automatically can be performed manually, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedure, control procedure, specific name, and information including various data and parameters shown in the above-described document and drawings can be arbitrarily changed unless otherwise specified.

(3) Program By the way, various processes described in the above embodiments can be realized by executing a program prepared in advance by a computer. Therefore, in the following, an example of a computer that executes a program having the same function as in the above embodiment will be described with reference to FIG. FIG. 20 is a diagram illustrating a computer that executes a personal authentication program.

  As shown in the figure, a computer 600 as a question generation device is configured by connecting an HDD 610, a RAM 620, a ROM 630 and a CPU 640 via a bus 650.

  The ROM 630 stores in advance a personal authentication program that exhibits the same function as in the above-described embodiment, that is, a question generation program 631 as shown in FIG. Note that the program 631 may be appropriately integrated or distributed in the same manner as each component of the personal authentication system 1 shown in FIG.

  Then, the CPU 640 reads out these programs 631 from the ROM 630 and executes them, so that the program 631 functions as a question generation process 641 as shown in FIG. The process 641 corresponds to the question generation unit 14 illustrated in FIG.

  The HDD 610 is provided with a user data table 611 and a knowledge data table 612 as shown in FIG. The user data table 611 and the knowledge data table 612 correspond to the user information database 30 and the knowledge database 40 shown in FIG. Then, the CPU 640 registers data in the user data table 611 and the knowledge data table 612, reads the user data 621 and the knowledge data 622 from the user data table 611 and the knowledge data table 612, and stores them in the RAM 620. The processing is executed based on the user data 621 and the knowledge data 622 stored in the RAM 620.

  The following appendices are further disclosed with respect to the embodiments including the above Examples 1 to 4.

(Appendix 1) A personal authentication system for asking a question to a user and narrowing down an individual using an answer to the question,
Personal information storage means for storing personal information of the user;
Knowledge information storage means for storing knowledge information related to the personal information stored by the personal information storage means;
Question generating means for generating a question based on the knowledge information stored by the knowledge information storage means;
Asking the question generated by the question generating means, and using an answer to the question, personal narrowing means for narrowing down individuals,
A personal authentication system comprising:

(Additional remark 2) After the individual narrowing down by the said individual narrowing-down means, when the number of narrowed down persons becomes less than a predetermined number of persons, it further has an authentication means which performs an authentication process, 1. The personal authentication system according to 1.

(Additional remark 3) After the personal narrowing down is performed by the personal narrowing down means, the narrowing down status display means for displaying the status of narrowing down;
Authentication start accepting means for accepting a request to start the authentication process,
The personal authentication system according to appendix 2, wherein the authentication unit performs authentication when a request for starting an authentication process is received by the authentication start reception unit.

(Supplementary note 4) The personal authentication system according to any one of supplementary notes 1 to 3, further comprising personal information receiving means for receiving direct input of personal information instead of an answer to the question.

(Additional remark 5) It further has a path | pass request | requirement means which receives the path | pass request | requirement which passes the answer with respect to the said question produced | generated by the said question production | generation means,
The personal authentication system according to any one of appendices 1 to 4, wherein the personal narrowing-down means changes the question when the pass request is accepted by the pass requesting means.

(Appendix 6) An input confirmation system for confirming that there is no mistake in information inputted from a user,
Personal information storage means for storing personal information of the user;
Knowledge information storage means for storing knowledge information related to the personal information stored by the personal information storage means;
Question generating means for generating a question based on the personal information of the user stored by the personal information storage means and the knowledge information stored by the knowledge information storage means;
Among the questions generated by the question generation means, ask a question corresponding to the information input from the user, and input confirmation means for confirming that the input information is correct,
An input confirmation system comprising:

(Appendix 7) A personal authentication method for asking a question to a user and narrowing down an individual using an answer to the question,
A personal information storing step for storing personal information of the user;
A knowledge information storage step for storing knowledge information related to the personal information stored by the personal information storage step;
A question generating step for generating a question based on the knowledge information stored by the knowledge information storing step;
Asking the question generated by the question generating step, and using an answer to the question, a personal screening step of narrowing down individuals,
The personal authentication method characterized by including.

(Supplementary Note 8) A personal authentication program for causing a computer to execute a personal authentication method for asking a user a question and using an answer to the question to narrow down individuals.
Personal information storage procedure for storing personal information of the user;
A knowledge information storage procedure for storing knowledge information related to the personal information stored by the personal information storage procedure;
A question generation procedure for generating a question based on the knowledge information stored by the knowledge information storage procedure;
Asking the question generated by the question generation procedure, and using an answer to the question, a personal screening procedure for narrowing down individuals,
A personal authentication program for causing a computer to execute.

1 is a block diagram illustrating a configuration of a personal authentication system according to Embodiment 1. FIG. It is a figure which shows the example of the registration database which concerns on Example 1. FIG. It is a figure for demonstrating the example of the knowledge database which concerns on Example 1. FIG. It is a figure for demonstrating the example of an input screen. It is a figure for demonstrating the example of a status display. It is a figure for demonstrating a question production | generation process. 3 is a flowchart illustrating a processing operation of the personal authentication system according to the first embodiment. It is a block diagram which shows the structure of the personal authentication system which concerns on Example 2. FIG. It is a figure which shows the example of the employee database which concerns on Example 2. FIG. It is a figure for demonstrating the example of the knowledge database which concerns on Example 2. FIG. It is a block diagram which shows the structure of the personal authentication system which concerns on Example 3. FIG. It is a figure for demonstrating the example of the knowledge database which concerns on Example 3. FIG. It is a figure for demonstrating the example of an input confirmation screen. It is a figure which shows the example of a question produced | generated regarding a date of birth. It is a figure which shows the example of a question produced | generated regarding a full name. It is a figure which shows the example of a question produced | generated regarding a affiliation. It is a figure which shows the example of a question produced | generated regarding a school. It is a figure which shows the example of a question produced | generated regarding an address. It is a figure which shows the example of a question produced | generated regarding an email address. It is a figure which shows the computer which performs a personal authentication program.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Lending processing terminal 11 Display part 12 Input part 13 Biometric sensor part 14 Question generation part 15 Biometric control part 16 Biometric engine 20 System management terminal 30 User information database 40 Knowledge database

Claims (7)

A personal authentication system that asks users questions and uses the answers to the questions to narrow down individuals.
Personal information storage means for storing personal information of the user;
Knowledge information storage means for storing knowledge information related to the personal information stored by the personal information storage means;
Question generating means for generating a question based on the knowledge information stored by the knowledge information storage means;
Asking the question generated by the question generating means, and using an answer to the question, personal narrowing means for narrowing down individuals,
A personal authentication system comprising:   2. The authentication device according to claim 1, further comprising an authentication unit configured to perform an authentication process when the number of persons narrowed down is less than a predetermined number after the individual narrowing down is performed by the individual narrowing down unit. Personal authentication system. After the narrowing down of individuals by the individual narrowing means, narrowing status display means for displaying the narrowing status;
Authentication start accepting means for accepting a request to start the authentication process,
The personal authentication system according to claim 2, wherein the authentication unit performs authentication when a request for starting an authentication process is received by the authentication start reception unit.   The personal authentication system according to any one of claims 1 to 3, further comprising personal information receiving means for receiving direct input of personal information instead of an answer to the question. Path request means for accepting a path request for passing an answer to the question generated by the question generation means,
The personal authentication system according to any one of claims 1 to 4, wherein the personal narrowing-down means changes the question when the pass request is accepted by the pass requesting means. A personal authentication method for asking a user a question and using an answer to the question to narrow down individuals.
A personal information storing step for storing personal information of the user;
A knowledge information storage step for storing knowledge information related to the personal information stored by the personal information storage step;
A question generating step for generating a question based on the knowledge information stored by the knowledge information storing step;
Asking the question generated by the question generating step, and using an answer to the question, a personal screening step of narrowing down individuals,
The personal authentication method characterized by including. A personal authentication program that makes a computer execute a personal authentication method for asking a user a question and using an answer to the question to narrow down individuals.
Personal information storage procedure for storing personal information of the user;
A knowledge information storage procedure for storing knowledge information related to the personal information stored by the personal information storage procedure;
A question generation procedure for generating a question based on the knowledge information stored by the knowledge information storage procedure;
Asking the question generated by the question generation procedure, and using an answer to the question, a personal screening procedure for narrowing down individuals,
A personal authentication program for causing a computer to execute.

Images